backtop


Print


  (Source: Legendary Pictures/Warner Bros.)
iPhone and Windows Phone are crippled by attacks on cloud; even two-factor authentication may also be compromised

Chinese censors appear to be conducting a massive attack on both Apple, Inc. (AAPL) and Microsoft Corp.'s (MSFT) cloud services, according to anti-censorship group Great Fire.  The attack comes after weeks of turmoil and unrest over pro-democracy protests in the semi-autonomous city-state of Hong Kong.

I. War is Coming

Using traceroutes and a wirecaptureGreat Fire (GreatFire.org) verified that Chinese local requests for the Apple iCloud and Microsoft Live services (e.g. OneDrive and Office 365) redirected users to a dummy page which looked like the real thing, but was designed to harvest usernames and passwords.  As this redirect reportedly occurred at a high level -- via the so-called "Great Firewall" -- it appears highly likely that government authorities were behind it.

With the data gathered from the attack, Chinese authorities may be able to achieve new monitoring of both the messages and online activities of both pro-democracy citizen activists and foreign journalists reporting on the Hong Kong protests.  The latter group likely includes reporters from America.  Americans traveling abroad in China will also find themselves targeted.

Hong Kong
Pro-democracy protests in Hong Kong have triggered increasing attacks on American services by Chinese censors. [Image Source: EPA]

Another sign the attack is state sanctioned is seen in the fact that China's official state sanctioned web browser -- Qihoo -- offers no warnings about the phishing attempt, while popular American third-party browsers such as Firefox and Google Inc.'s (GOOG) Chrome offer proper warnings about the malicious redirect.

The decision to target Microsoft and Apple with government attacks designed to steal user data mirrors Chinese authorities past battles against Google.  It is a rather interesting development as previously Microsoft and Apple typically complied with local data requests.  The fact that Chinese officials felt the need to directly attack the American tech firms' services suggest that top American firms like Apple may be changing their policy and cooling to Chinese officials' censorship requests.

In recent months Chinese authorities raided Microsoft's local offices and removed Apple's products from state procurement lists, signs of increasing East-West tensions in the technology space.

Chinese iPhones
Chinese officials have grown increasingly hostile towards Apple and Microsoft in recent months.
[Image Source: VR-Zone]

If that's the case it's a major headache for Chinese censors as Apple, Microsoft, and Google have all adopted increasing encryption in their mobile operating systems, a push that's been met with criticism from federal censors in the U.S., as well. That said, the increasing reliance on cloud-hosted services and storage is a chink in the armor of that scheme as cloud services are very vulnerable to phishing.

II. Censorship Attacks are Crippling Devices

From a security standpoint, these attacks are crippling the iPhone and Windows Phone in China, making them too dangerous to use.

The attack is not without its flaws, though.  According to Great Fire only some of the IPs locally associated with Apple's iCloud.com and Microsoft's login.Live.com are being redirected to the attack pages.  So some requests (confusingly) may reach the legitimate local service.

iPhone 6 in China
The iPhone and Windows Phones should be considered unsafe to use in China while these attacks continue. [Image Source: VR-Zone]

Another potential flaw in the attack is two-factor authentication.  If you have two-factor authentication enabled, it may not be enough to simply steal your password.  That said, even two-factor authentication should be considered compromised as the Chinese government controls the phone networks and could easily redirect authentication pins to itself.

One work-around that may actually work -- on the PC side at least -- is using a VPN.  By using a VPN to mask your IP requests, you may be able to avoid the malicious Great Firwall level redirects.

That said, if you're in China and have an iPhone or Windows Phone, the bottom line is it's probably safest not tot use it for now.  Without extreme countermeasures like constant VPN masking, American smartphones -- for now -- are simply too insecure to use in China.

Sources: GreatFire.org, via Quartz





"And boy have we patented it!" -- Steve Jobs, Macworld 2007













botimage
Copyright 2017 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki